Is such an attack possible on ssh?

E

elisey4742016-09-01 18:55:15

linux

elisey474, 2016-09-01 18:55:15

!!!openssh / password authorization!!!
So. The attacker creates a proxy and saves all traffic between the client and the server. The client receives the public key, sends a login and password with it, and the server authorizes the client, then the client sends the public key and the client and the server start the exchange.
Then the attacker creates a fake client, he, ignoring the server's responses, sends everything that the original client sent, and at the moment when he needs to transfer the shared key for the session, he sends him his key, the data encrypted with which he can decrypt. He can send him the key, because he knows the public key of the server, because the server distributes it to everyone. Thus, the attacker gains access to the server from the user from whom the client came.
Is such an attack possible? Why?
!!!openssh / password authorization!!!

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

X

xmoonlight, 2016-09-01
@xmoonlight

I advise you to read mat. the part about SSH sessions.

S

Sergey SA, 2016-09-02
@resetsa

No, this attack won't work.
if greatly simplified, the client and server generate a shared key from 2 parts,
one is provided by the client, the other is provided by the server (Diffie-Hellman algorithm)
, as a result, the data is encrypted with a shared secret key.